W3C home > Mailing lists > Public > public-sysapps@w3.org > May 2014

Re: Updated plans for face to face meeting, and results of questionnaire

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Fri, 23 May 2014 07:53:55 +0200
Message-ID: <537EE273.9080405@gmail.com>
To: Marcos Caceres <w3c@marcosc.com>, "Oda, Terri" <terri.oda@intel.com>
CC: public-sysapps@w3.org, Dave Raggett <dsr@w3.org>
On 2014-05-22 18:31, Marcos Caceres wrote:
>
>
> On May 22, 2014 at 12:11:29 PM, Oda, Terri (terri.oda@intel.com) wrote:
>> FIDO, at least, will a topic of discussion at the WebCrypto workshop in
>> September:
>>
>> http://www.w3.org/2012/webcrypto/webcrypto-next-workshop/Overview.html
>>
>> That workshop is in Mountain View on Sept 10-11th
>
> FWIW, I think SE should probably be moved to the WebCrypto WG. Although I know we
 > have some great SE experts here, there are more people that could contribute to
 > making SE happen on the Web in the WebCrypto WG... just my feeling about this.

The crux is that the SE concept itself has changed considerably during the last 2-3
years which makes it a poor candidate for standardization.

Today most vendors are targeting integrated security architectures where the SE portion
has quite different characteristics compared to for example SIM-cards.

http://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdf
https://www.samsungknox.com/en

I have recently had contact with two major players in this space and they are both
considering open source efforts rather than standardization.   IMO, this is a good
idea since formal standardizing of a security architecture wouldn't get traction.

Continuing the current smart-card-oriented SE API standardization project is of course
possible, the question is rather how interested vendors really are.

Anders

>
>
Received on Friday, 23 May 2014 05:54:35 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:36:20 UTC